Max -- Believe the Space Shuttle Computers actually used 3 voting, and one hot spare, plus a tertiary back up.
This is pretty interesting for a sub $10 part, as it gives one a safety certified CPU / OS / and Tools at quite a reasonable price (Heaven Knows Cars are Expensive These days). Speed is up to 180 MHz for an ARM R4 Core with Floating Point, so it should offer enough Zip to do many of the calculations to do things like boost fuel economy, cut emissions, etc.
For many applications one just wants to detect a fault and restart / halt -- as one may not know if a mechanical fault (most common at the system level), power supply fault (most common electrical), or some other fault has happened.
(Obvious you have not done much work on your own car, or gotten into a helicopter you have had to help work on, and head up a mountain)
@wmwmurray01: Obvious you have not done much work on your own car, or gotten into a helicopter you have had to help work on, and head up a mountain
Guilty as charged -- cars are one of those things that I understand theoretically -- but don't have a clue what I'm doing when I'm lying underneath one with oil dripping on my head from the big whatchamacallit next to the doohickey.
Believe in one (Hard) the operations in the two CPUs occur at the same time; in Soft there is a Time Delay (to prevent a common error, such as power rail noise, or ionizing radiation, or other error (soft or hard), from producing incorrect results). (Lockstep referred originally to prisoners marching at close interval.) (In the Royal Marines this was known as Half-Interval March.)
Another approach to reliability is to implement the application with two different types of designs. You can have different programmers implement the design differently and this reduces the possibility of a software bug failing in the same way when a single design is just copied to two CPUs. Another approach is to use a different technology (perhaps an FPGA) to implement the second design. This reduces the chance of a bug showing up in both implementations at the same time even more.
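The diverse-implementation idea from the comment above, combined with the detect-and-halt policy mentioned earlier in the thread, as an added example that is not part of any commenter's post: two independently written integer square roots are compared, and a mismatch is reported instead of a result. The function names and the `fault_mask` injection parameter are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Channel A: digit-by-digit (bitwise) integer square root. */
static uint32_t isqrt_a(uint32_t x)
{
    uint32_t res = 0, bit = 1u << 30;
    while (bit > x) bit >>= 2;
    while (bit != 0) {
        if (x >= res + bit) { x -= res + bit; res = (res >> 1) + bit; }
        else                { res >>= 1; }
        bit >>= 2;
    }
    return res;
}

/* Channel B: binary search, a different algorithm written independently of A. */
static uint32_t isqrt_b(uint32_t x)
{
    uint32_t lo = 0, hi = 65535;           /* floor(sqrt(2^32 - 1)) */
    while (lo < hi) {
        uint32_t mid = lo + (hi - lo + 1) / 2;
        if ((uint64_t)mid * mid <= x) lo = mid; else hi = mid - 1;
    }
    return lo;
}

typedef enum { CH_OK = 0, CH_FAULT = 1 } ch_status;

/* fault_mask (hypothetical, demo only) is XORed into channel B's result to
 * simulate a fault hitting one channel. On mismatch *out is left untouched
 * so the caller can halt or restart instead of using a suspect value. */
ch_status checked_isqrt(uint32_t x, uint32_t fault_mask, uint32_t *out)
{
    uint32_t a = isqrt_a(x);
    uint32_t b = isqrt_b(x) ^ fault_mask;
    if (a != b) return CH_FAULT;
    *out = a;
    return CH_OK;
}

int main(void)
{
    uint32_t r = 0;
    printf("healthy: status=%d\n", checked_isqrt(144, 0, &r));
    printf("result:  %u\n", (unsigned)r);
    printf("faulted: status=%d\n", checked_isqrt(144, 0x4, &r));
    return 0;
}
```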
Some of the big concerns with the shuttle computers were all the solder connections -- it was bit-slice with magnetic core RAM. Another concern was micro-meteorite damage to a computer.
With the automotive computers the concerns are more:
1) differences between the testing code that is run and the operational code and hitting an uncovered area on the design, or a marginal area on the design.
Another concern with the automotive parts is vias in the die opening up under repeated thermal cycling - (In which case one should probably shut down as one does not know how much of the die is starting to come apart).